Application is vulnerable to SQL Injection
• Added cookie 'xAnketa[435]' with the following value '435'
• Added HTTP header 'X-Forwarded-For: ''
GET /chat HTTP/1.0
Cookie: xAnketa[435]=435; xAnketa[435]=435; __utmz=189757097.1245686780.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utmc=189757097; __utmb=189757097; __utma=189757097.1860136152.1245686780.1245686780.1245686780.1
Accept: */*
HTTP/1.0 200 OK
Content-Length: 171
Date: Wed, 24 Jun 2009 01:04:57 GMT
It is advised to filter out all the following characters:
[1] | (pipe sign)
[2] & (ampersand sign)
[3] ; (semicolon sign)
SQL injection and blind SQL injection:
Make sure the value and type (such as Integer, Date, etc.) of the user input is valid and expected by the application.
and "few" more...